[arch-dev-public] [RFC] Moving repos to nymeria
Stéphane Gaudreault
stephane at archlinux.org
Thu Sep 6 11:23:40 EDT 2012
Le 2012-09-06 11:05, Florian Pritz a écrit :
> Hi,
>
> So we got a new box (nymeria) and I'd like to move
> core/extra/community/multilib/testing/.. repos + svn over there.
>
> Setup overview / changes:
> - create shell accounts for every user, but only allow certain commands
> to be executed (dbscripts, rsync)
> - move the svn2git conversion script to nymeria and let gudrun sync the
> repo periodically for cgit
> - let archweb sync the needed database files periodically
> - integrity check will run on nymeria
> - postfix for @archlinux.org and @aur.archlinux.org: see below [postfix]
> - did I miss something?
>
> Benefits:
> - more trustful/locked-down system (could be useful for db signing)
> - 1TB of disk space (~900GiB for packages)
> - 100Mbit/s uplink
> - all packages on one box so if we do a big move, extra and community
> can be synced without admin intervention if dbscripts support that
> - gerolde won't run much (anything?) any more so it could potentially
> be merged back into gudrun/host system
>
> Drawbacks (kind of):
> - no more shell accounts for browsing the repo (brynhild can be used
> for that)
> - different network latency (gudrun is located in the US, nymeria in
> Germany)
> - users can no longer <s>mess up</s> change the repo db manually (no
> idea if that's still valid, but it happened a few years ago)
>
>
> [postfix]:
> We can move both domains to nymeria and let users change the forward
> destination themselves (need to make sure that you can't run arbitrary
> commands) or just appoint an admin that takes care of changing the
> destination since that shouldn't happen too often. In the second case we
> can keep them on gudrun/sigurd or move them where ever we want.
>
>
> Comments welcome.
>
Could we run sogrep on nymeria ?
Also, could you please explain why browsing the repo in a shell account
will be disabled ? I found this very useful when moving a large number
of packages from staging/testing to extra/core.
Regards,
Stéphane
More information about the arch-dev-public
mailing list